Rug Pull Finder gets exploited, questions of credibility raised

Rug pulls have become quite common in the crypto and NFT industry. NFT Rug Pull Finder, a project to help find scammers and audit NFT collections, got exploited via NFT smart contract.

Twitter user and analyst @NFTHerder and the NFT community, in general, are now questioning the platform’s credibility as a security firm.

Rug Pull Finder recently dropped a free mint on its platform; however, two scammers took advantage of a loophole within the smart contract and attacked it to mint 450 NFTs instead of one.

The collection called “Bad Guys” features 1,221 NFT artworks about “scammers accidentally let loose on the blockchain.” A wallet could only mint one NFT from the minting stage.

Bad Guys was a pre-sale via a whitelist before the official launch of the 10,000 NFT collection. The NFT holder would receive the benefits of minting the main RPF NFT drop and future NFT drops.

With the exploit happening, many people criticized NFT by Rug Pull Finder for not ensuring its platform’s security.

The RPF team came on Twitter to explain the exploit. According to them, the scammers saw a flaw in the code and exploited it, even though the team had received a warning from a source about it.

“After reviewing it with three different dev teams, we did not believe the credibility of the information sent to us... We were clearly wrong, and we are truly, truly sorry,” the team said.

The ironic thing about this exploit is that the project was founded to detect technical flaws in NFT small contracts but it failed to audit its own NFT smart contract.

As of now, the team has made a deal with one of the scammers to recover 330 NFTs in exchange for a bounty of 2.5 ETH, which is around $3,944.

Next up